activestorage 6.0.5.1 → 6.1.0.rc1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of activestorage might be problematic. Click here for more details.

Files changed (61) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +137 -238
  3. data/MIT-LICENSE +1 -1
  4. data/README.md +36 -4
  5. data/app/controllers/active_storage/base_controller.rb +11 -0
  6. data/app/controllers/active_storage/blobs/proxy_controller.rb +14 -0
  7. data/app/controllers/active_storage/{blobs_controller.rb → blobs/redirect_controller.rb} +2 -2
  8. data/app/controllers/active_storage/disk_controller.rb +8 -20
  9. data/app/controllers/active_storage/representations/proxy_controller.rb +19 -0
  10. data/app/controllers/active_storage/{representations_controller.rb → representations/redirect_controller.rb} +2 -2
  11. data/app/controllers/concerns/active_storage/file_server.rb +18 -0
  12. data/app/controllers/concerns/active_storage/set_blob.rb +1 -1
  13. data/app/controllers/concerns/active_storage/set_current.rb +2 -2
  14. data/app/controllers/concerns/active_storage/set_headers.rb +12 -0
  15. data/app/jobs/active_storage/mirror_job.rb +15 -0
  16. data/app/models/active_storage/attachment.rb +18 -10
  17. data/app/models/active_storage/blob/analyzable.rb +6 -2
  18. data/app/models/active_storage/blob/identifiable.rb +7 -6
  19. data/app/models/active_storage/blob/representable.rb +34 -4
  20. data/app/models/active_storage/blob.rb +114 -57
  21. data/app/models/active_storage/preview.rb +31 -10
  22. data/app/models/active_storage/record.rb +7 -0
  23. data/app/models/active_storage/variant.rb +28 -41
  24. data/app/models/active_storage/variant_record.rb +8 -0
  25. data/app/models/active_storage/variant_with_record.rb +54 -0
  26. data/app/models/active_storage/variation.rb +25 -20
  27. data/config/routes.rb +58 -8
  28. data/db/migrate/20170806125915_create_active_storage_tables.rb +14 -5
  29. data/db/update_migrate/20190112182829_add_service_name_to_active_storage_blobs.rb +17 -0
  30. data/db/update_migrate/20191206030411_create_active_storage_variant_records.rb +11 -0
  31. data/lib/active_storage/analyzer/image_analyzer.rb +3 -0
  32. data/lib/active_storage/analyzer/null_analyzer.rb +4 -0
  33. data/lib/active_storage/analyzer/video_analyzer.rb +14 -3
  34. data/lib/active_storage/analyzer.rb +6 -0
  35. data/lib/active_storage/attached/changes/create_many.rb +1 -0
  36. data/lib/active_storage/attached/changes/create_one.rb +17 -4
  37. data/lib/active_storage/attached/many.rb +4 -3
  38. data/lib/active_storage/attached/model.rb +49 -10
  39. data/lib/active_storage/attached/one.rb +4 -3
  40. data/lib/active_storage/engine.rb +25 -43
  41. data/lib/active_storage/gem_version.rb +3 -3
  42. data/lib/active_storage/log_subscriber.rb +6 -0
  43. data/lib/active_storage/previewer/mupdf_previewer.rb +3 -3
  44. data/lib/active_storage/previewer/poppler_pdf_previewer.rb +2 -2
  45. data/lib/active_storage/previewer/video_previewer.rb +2 -2
  46. data/lib/active_storage/previewer.rb +3 -2
  47. data/lib/active_storage/service/azure_storage_service.rb +40 -35
  48. data/lib/active_storage/service/configurator.rb +3 -1
  49. data/lib/active_storage/service/disk_service.rb +36 -31
  50. data/lib/active_storage/service/gcs_service.rb +18 -16
  51. data/lib/active_storage/service/mirror_service.rb +31 -7
  52. data/lib/active_storage/service/registry.rb +32 -0
  53. data/lib/active_storage/service/s3_service.rb +51 -23
  54. data/lib/active_storage/service.rb +35 -7
  55. data/lib/active_storage/transformers/image_processing_transformer.rb +13 -365
  56. data/lib/active_storage/transformers/transformer.rb +0 -3
  57. data/lib/active_storage.rb +9 -8
  58. metadata +60 -25
  59. data/db/update_migrate/20180723000244_add_foreign_key_constraint_to_active_storage_attachments_for_blob_id.rb +0 -9
  60. data/lib/active_storage/downloading.rb +0 -47
  61. data/lib/active_storage/transformers/mini_magick_transformer.rb +0 -38
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 22e2580ffbad9d803a7b184615de74f4432e082d9d2dcce015b77e7f49c57e6d
4
- data.tar.gz: 6b2b92c08c803e82afe4941f51258fbc49687e462f8b83279f6d341549c30b21
3
+ metadata.gz: 2b5828c669886bb3073bc9a325644f70785b9e7432fe34bf609369ae854472d1
4
+ data.tar.gz: c20c99725925af7c67f86c4ad99fcc5add79a4c373db3c1d5ae6fe4c2b1a893b
5
5
  SHA512:
6
- metadata.gz: 7244f860ed41018816fa092fd1749e91639ee1d8deeafaa6421201b5a3d5f018c5f7cb75e130c22fdf08102296d5d65299af7c04bf4a7b826cc7e08fe6d8ecfc
7
- data.tar.gz: 6ecf47ead581e5069130454236ec1067d09f6d77d277b46368647da0554b30cb86d0f1d95605bd2cc2b451ffb377f0cf5eb2640d9821e80409530248aa2aa4de
6
+ metadata.gz: 7d0adc41784932bd392d92f120fadea916633ccf659a2b2d5d3b6a305eee2ca093a6d82045e322b40a5d6349cfeae880db08c87f1972bb40e954f52dd1457c45
7
+ data.tar.gz: adf193c0617237b63aaf251b0e0fe8ec0e48da5b3dc47d8a6e60a5b91ea976d3a205dd990a0a2b20d65bd21b70dc5eccbaed0a512a86c03445be84811fa5deda
data/CHANGELOG.md CHANGED
@@ -1,59 +1,24 @@
1
- ## Rails 6.0.5.1 (July 12, 2022) ##
1
+ ## Rails 6.1.0.rc1 (November 02, 2020) ##
2
2
 
3
- * No changes.
3
+ * Remove deprecated support to pass `:combine_options` operations to `ActiveStorage::Transformers::ImageProcessing`.
4
4
 
5
+ *Rafael Mendonça França*
5
6
 
6
- ## Rails 6.0.5 (May 09, 2022) ##
7
+ * Remove deprecated `ActiveStorage::Transformers::MiniMagickTransformer`.
7
8
 
8
- * No changes.
9
+ *Rafael Mendonça França*
9
10
 
11
+ * Remove deprecated `config.active_storage.queue`.
10
12
 
11
- ## Rails 6.0.4.8 (April 26, 2022) ##
13
+ *Rafael Mendonça França*
12
14
 
13
- * No changes.
15
+ * Remove deprecated `ActiveStorage::Downloading`.
14
16
 
17
+ *Rafael Mendonça França*
15
18
 
16
- ## Rails 6.0.4.7 (March 08, 2022) ##
19
+ * Add per-environment configuration support
17
20
 
18
- * Added image transformation validation via configurable allow-list.
19
-
20
- Variant now offers a configurable allow-list for
21
- transformation methods in addition to a configurable deny-list for arguments.
22
-
23
- [CVE-2022-21831]
24
-
25
-
26
- ## Rails 6.0.4.6 (February 11, 2022) ##
27
-
28
- * No changes.
29
-
30
-
31
- ## Rails 6.0.4.5 (February 11, 2022) ##
32
-
33
- * No changes.
34
-
35
-
36
- ## Rails 6.0.4.4 (December 15, 2021) ##
37
-
38
- * No changes.
39
-
40
-
41
- ## Rails 6.0.4.3 (December 14, 2021) ##
42
-
43
- * No changes.
44
-
45
-
46
- ## Rails 6.0.4.2 (December 14, 2021) ##
47
-
48
- * No changes.
49
-
50
-
51
- ## Rails 6.0.4.1 (August 19, 2021) ##
52
-
53
- * No changes.
54
-
55
-
56
- ## Rails 6.0.4 (June 15, 2021) ##
21
+ *Pietro Moro*
57
22
 
58
23
  * The Poppler PDF previewer renders a preview image using the original
59
24
  document's crop box rather than its media box, hiding print margins. This
@@ -61,273 +26,207 @@
61
26
 
62
27
  *Vincent Robert*
63
28
 
29
+ * Touch parent model when an attachment is purged.
64
30
 
65
- ## Rails 6.0.3.7 (May 05, 2021) ##
66
-
67
- * No changes.
31
+ *Víctor Pérez Rodríguez*
68
32
 
33
+ * Files can now be served by proxying them from the underlying storage service
34
+ instead of redirecting to a signed service URL. Use the
35
+ `rails_storage_proxy_path` and `_url` helpers to proxy an attached file:
69
36
 
70
- ## Rails 6.0.3.6 (March 26, 2021) ##
71
-
72
- * Marcel is upgraded to version 1.0.0 to avoid a dependency on GPL-licensed
73
- mime types data.
74
-
75
- *George Claghorn*
76
-
77
-
78
- ## Rails 6.0.3.5 (February 10, 2021) ##
79
-
80
- * No changes.
81
-
82
-
83
- ## Rails 6.0.3.4 (October 07, 2020) ##
84
-
85
- * No changes.
86
-
87
-
88
- ## Rails 6.0.3.3 (September 09, 2020) ##
89
-
90
- * No changes.
91
-
37
+ ```erb
38
+ <%= image_tag rails_storage_proxy_path(@user.avatar) %>
39
+ ```
92
40
 
93
- ## Rails 6.0.3.2 (June 17, 2020) ##
41
+ To proxy by default, set `config.active_storage.resolve_model_to_route`:
94
42
 
95
- * No changes.
43
+ ```ruby
44
+ # Proxy attached files instead.
45
+ config.active_storage.resolve_model_to_route = :rails_storage_proxy
46
+ ```
96
47
 
48
+ ```erb
49
+ <%= image_tag @user.avatar %>
50
+ ```
97
51
 
98
- ## Rails 6.0.3.1 (May 18, 2020) ##
52
+ To redirect to a signed service URL when the default file serving strategy
53
+ is set to proxying, use the `rails_storage_redirect_path` and `_url` helpers:
99
54
 
100
- * [CVE-2020-8162] Include Content-Length in signature for ActiveStorage direct upload
55
+ ```erb
56
+ <%= image_tag rails_storage_redirect_path(@user.avatar) %>
57
+ ```
101
58
 
59
+ *Jonathan Fleckenstein*
102
60
 
103
- ## Rails 6.0.3 (May 06, 2020) ##
61
+ * Add `config.active_storage.web_image_content_types` to allow applications
62
+ to add content types (like `image/webp`) in which variants can be processed,
63
+ instead of letting those images be converted to the fallback PNG format.
104
64
 
105
- * No changes.
65
+ *Jeroen van Haperen*
106
66
 
67
+ * Add support for creating variants of `WebP` images out of the box.
107
68
 
108
- ## Rails 6.0.2.2 (March 19, 2020) ##
69
+ *Dino Maric*
109
70
 
110
- * No changes.
71
+ * Only enqueue analysis jobs for blobs with non-null analyzer classes.
111
72
 
73
+ *Gannon McGibbon*
112
74
 
113
- ## Rails 6.0.2.1 (December 18, 2019) ##
75
+ * Previews are created on the same service as the original blob.
114
76
 
115
- * No changes.
77
+ *Peter Zhu*
116
78
 
79
+ * Remove unused `disposition` and `content_type` query parameters for `DiskService`.
117
80
 
118
- ## Rails 6.0.2 (December 13, 2019) ##
81
+ *Peter Zhu*
119
82
 
120
- * No changes.
83
+ * Use `DiskController` for both public and private files.
121
84
 
85
+ `DiskController` is able to handle multiple services by adding a
86
+ `service_name` field in the generated URL in `DiskService`.
122
87
 
123
- ## Rails 6.0.1 (November 5, 2019) ##
88
+ *Peter Zhu*
124
89
 
125
- * `ActiveStorage::AnalyzeJob`s are discarded on `ActiveRecord::RecordNotFound` errors.
90
+ * Variants are tracked in the database to avoid existence checks in the storage service.
126
91
 
127
92
  *George Claghorn*
128
93
 
129
- * Blobs are recorded in the database before being uploaded to the service.
130
- This fixes that generated blob keys could silently collide, leading to
131
- data loss.
132
-
133
- *Julik Tarkhanov*
94
+ * Deprecate `service_url` methods in favour of `url`.
134
95
 
96
+ Deprecate `Variant#service_url` and `Preview#service_url` to instead use
97
+ `#url` method to be consistent with `Blob`.
135
98
 
136
- ## Rails 6.0.0 (August 16, 2019) ##
99
+ *Peter Zhu*
137
100
 
138
- * No changes.
101
+ * Permanent URLs for public storage blobs.
139
102
 
103
+ Services can be configured in `config/storage.yml` with a new key
104
+ `public: true | false` to indicate whether a service holds public
105
+ blobs or private blobs. Public services will always return a permanent URL.
140
106
 
141
- ## Rails 6.0.0.rc2 (July 22, 2019) ##
107
+ Deprecates `Blob#service_url` in favor of `Blob#url`.
142
108
 
143
- * No changes.
109
+ *Peter Zhu*
144
110
 
111
+ * Make services aware of configuration names.
145
112
 
146
- ## Rails 6.0.0.rc1 (April 24, 2019) ##
113
+ *Gannon McGibbon*
147
114
 
148
- * Don't raise when analyzing an image whose type is unsupported by ImageMagick.
115
+ * The `Content-Type` header is set on image variants when they're uploaded to third-party storage services.
149
116
 
150
- Fixes #36065.
117
+ *Kyle Ribordy*
151
118
 
152
- *Guilherme Mansur*
119
+ * Allow storage services to be configured per attachment.
153
120
 
154
- * Permit generating variants of BMP images.
155
-
156
- *Younes Serraj*
157
-
158
-
159
- ## Rails 6.0.0.beta3 (March 11, 2019) ##
160
-
161
- * No changes.
162
-
163
-
164
- ## Rails 6.0.0.beta2 (February 25, 2019) ##
165
-
166
- * No changes.
167
-
168
-
169
- ## Rails 6.0.0.beta1 (January 18, 2019) ##
121
+ ```ruby
122
+ class User < ActiveRecord::Base
123
+ has_one_attached :avatar, service: :s3
124
+ end
170
125
 
171
- * [Rename npm package](https://github.com/rails/rails/pull/34905) from
172
- [`activestorage`](https://www.npmjs.com/package/activestorage) to
173
- [`@rails/activestorage`](https://www.npmjs.com/package/@rails/activestorage).
126
+ class Gallery < ActiveRecord::Base
127
+ has_many_attached :photos, service: :s3
128
+ end
129
+ ```
174
130
 
175
- *Javan Makhmali*
131
+ *Dmitry Tsepelev*
176
132
 
177
- * Replace `config.active_storage.queue` with two options that indicate which
178
- queues analysis and purge jobs should use, respectively:
133
+ * You can optionally provide a custom blob key when attaching a new file:
179
134
 
180
- * `config.active_storage.queues.analysis`
181
- * `config.active_storage.queues.purge`
135
+ ```ruby
136
+ user.avatar.attach key: "avatars/#{user.id}.jpg",
137
+ io: io, content_type: "image/jpeg", filename: "avatar.jpg"
138
+ ```
182
139
 
183
- `config.active_storage.queue` is preferred over the new options when it's
184
- set, but it is deprecated and will be removed in Rails 6.1.
140
+ Active Storage will store the blob's data on the configured service at the provided key.
185
141
 
186
142
  *George Claghorn*
187
143
 
188
- * Permit generating variants of TIFF images.
144
+ * Replace `Blob.create_after_upload!` with `Blob.create_and_upload!` and deprecate the former.
189
145
 
190
- *Luciano Sousa*
191
-
192
- * Use base36 (all lowercase) for all new Blob keys to prevent
193
- collisions and undefined behavior with case-insensitive filesystems and
194
- database indices.
146
+ `create_after_upload!` has been removed since it could lead to data
147
+ corruption by uploading to a key on the storage service which happened to
148
+ be already taken. Creating the record would then correctly raise a
149
+ database uniqueness exception but the stored object would already have
150
+ overwritten another. `create_and_upload!` swaps the order of operations
151
+ so that the key gets reserved up-front or the uniqueness error gets raised,
152
+ before the upload to a key takes place.
195
153
 
196
154
  *Julik Tarkhanov*
197
155
 
198
- * It doesn’t include an `X-CSRF-Token` header if a meta tag is not found on
199
- the page. It previously included one with a value of `undefined`.
200
-
201
- *Cameron Bothner*
202
-
203
- * Fix `ArgumentError` when uploading to amazon s3
204
-
205
- *Hiroki Sanpei*
206
-
207
- * Add progressive JPG to default list of variable content types
208
-
209
- *Maurice Kühlborn*
210
-
211
- * Add `ActiveStorage.routes_prefix` for configuring generated routes.
156
+ * Set content disposition in direct upload using `filename` and `disposition` parameters to `ActiveStorage::Service#headers_for_direct_upload`.
212
157
 
213
- *Chris Bisnett*
158
+ *Peter Zhu*
214
159
 
215
- * `ActiveStorage::Service::AzureStorageService` only handles specifically
216
- relevant types of `Azure::Core::Http::HTTPError`. It previously obscured
217
- other types of `HTTPError`, which is the azure-storage gem’s catch-all
218
- exception class.
160
+ * Allow record to be optionally passed to blob finders to make sharding
161
+ easier.
219
162
 
220
- *Cameron Bothner*
163
+ *Gannon McGibbon*
221
164
 
222
- * `ActiveStorage::DiskController#show` generates a 404 Not Found response when
223
- the requested file is missing from the disk service. It previously raised
224
- `Errno::ENOENT`.
165
+ * Switch from `azure-storage` gem to `azure-storage-blob` gem for Azure service.
225
166
 
226
- *Cameron Bothner*
167
+ *Peter Zhu*
227
168
 
228
- * `ActiveStorage::Blob#download` and `ActiveStorage::Blob#open` raise
229
- `ActiveStorage::FileNotFoundError` when the corresponding file is missing
230
- from the storage service. Services translate service-specific missing object
231
- exceptions (e.g. `Google::Cloud::NotFoundError` for the GCS service and
232
- `Errno::ENOENT` for the disk service) into
233
- `ActiveStorage::FileNotFoundError`.
169
+ * Add `config.active_storage.draw_routes` to disable Active Storage routes.
234
170
 
235
- *Cameron Bothner*
171
+ *Gannon McGibbon*
236
172
 
237
- * Added the `ActiveStorage::SetCurrent` concern for custom Active Storage
238
- controllers that can't inherit from `ActiveStorage::BaseController`.
173
+ * Image analysis is skipped if ImageMagick returns an error.
239
174
 
240
- *George Claghorn*
241
-
242
- * Active Storage error classes like `ActiveStorage::IntegrityError` and
243
- `ActiveStorage::UnrepresentableError` now inherit from `ActiveStorage::Error`
244
- instead of `StandardError`. This permits rescuing `ActiveStorage::Error` to
245
- handle all Active Storage errors.
246
-
247
- *Andrei Makarov*, *George Claghorn*
248
-
249
- * Uploaded files assigned to a record are persisted to storage when the record
250
- is saved instead of immediately.
251
-
252
- In Rails 5.2, the following causes an uploaded file in `params[:avatar]` to
253
- be stored:
254
-
255
- ```ruby
256
- @user.avatar = params[:avatar]
257
- ```
258
-
259
- In Rails 6, the uploaded file is stored when `@user` is successfully saved.
175
+ `ActiveStorage::Analyzer::ImageAnalyzer#metadata` would previously raise a
176
+ `MiniMagick::Error`, which caused persistent `ActiveStorage::AnalyzeJob`
177
+ failures. It now logs the error and returns `{}`, resulting in no metadata
178
+ being added to the offending image blob.
260
179
 
261
180
  *George Claghorn*
262
181
 
263
- * Add the ability to reflect on defined attachments using the existing
264
- ActiveRecord reflection mechanism.
265
-
266
- *Kevin Deisz*
182
+ * Method calls on singular attachments return `nil` when no file is attached.
267
183
 
268
- * Variant arguments of `false` or `nil` will no longer be passed to the
269
- processor. For example, the following will not have the monochrome
270
- variation applied:
184
+ Previously, assuming the following User model, `user.avatar.filename` would
185
+ raise a `Module::DelegationError` if no avatar was attached:
271
186
 
272
187
  ```ruby
273
- avatar.variant(monochrome: false)
188
+ class User < ApplicationRecord
189
+ has_one_attached :avatar
190
+ end
274
191
  ```
275
192
 
276
- *Jacob Smith*
193
+ They now return `nil`.
277
194
 
278
- * Generated attachment getter and setter methods are created
279
- within the model's `GeneratedAssociationMethods` module to
280
- allow overriding and composition using `super`.
195
+ *Matthew Tanous*
281
196
 
282
- *Josh Susser*, *Jamon Douglas*
197
+ * The mirror service supports direct uploads.
283
198
 
284
- * Add `ActiveStorage::Blob#open`, which downloads a blob to a tempfile on disk
285
- and yields the tempfile. Deprecate `ActiveStorage::Downloading`.
199
+ New files are directly uploaded to the primary service. When a
200
+ directly-uploaded file is attached to a record, a background job is enqueued
201
+ to copy it to each secondary service.
286
202
 
287
- *David Robertson*, *George Claghorn*
203
+ Configure the queue used to process mirroring jobs by setting
204
+ `config.active_storage.queues.mirror`. The default is `:active_storage_mirror`.
288
205
 
289
- * Pass in `identify: false` as an argument when providing a `content_type` for
290
- `ActiveStorage::Attached::{One,Many}#attach` to bypass automatic content
291
- type inference. For example:
206
+ *George Claghorn*
292
207
 
293
- ```ruby
294
- @message.image.attach(
295
- io: File.open('/path/to/file'),
296
- filename: 'file.pdf',
297
- content_type: 'application/pdf',
298
- identify: false
299
- )
208
+ * The S3 service now permits uploading files larger than 5 gigabytes.
209
+
210
+ When uploading a file greater than 100 megabytes in size, the service
211
+ transparently switches to [multipart uploads](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html)
212
+ using a part size computed from the file's total size and S3's part count limit.
213
+
214
+ No application changes are necessary to take advantage of this feature. You
215
+ can customize the default 100 MB multipart upload threshold in your S3
216
+ service's configuration:
217
+
218
+ ```yaml
219
+ production:
220
+ service: s3
221
+ access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
222
+ secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
223
+ region: us-east-1
224
+ bucket: my-bucket
225
+ upload:
226
+ multipart_threshold: <%= 250.megabytes %>
300
227
  ```
301
228
 
302
- *Ryan Davidson*
303
-
304
- * The Google Cloud Storage service properly supports streaming downloads.
305
- It now requires version 1.11 or newer of the google-cloud-storage gem.
306
-
307
229
  *George Claghorn*
308
230
 
309
- * Use the [ImageProcessing](https://github.com/janko-m/image_processing) gem
310
- for Active Storage variants, and deprecate the MiniMagick backend.
311
-
312
- This means that variants are now automatically oriented if the original
313
- image was rotated. Also, in addition to the existing ImageMagick
314
- operations, variants can now use `:resize_to_fit`, `:resize_to_fill`, and
315
- other ImageProcessing macros. These are now recommended over raw `:resize`,
316
- as they also sharpen the thumbnail after resizing.
317
-
318
- The ImageProcessing gem also comes with a backend implemented on
319
- [libvips](http://jcupitt.github.io/libvips/), an alternative to
320
- ImageMagick which has significantly better performance than
321
- ImageMagick in most cases, both in terms of speed and memory usage. In
322
- Active Storage it's now possible to switch to the libvips backend by
323
- changing `Rails.application.config.active_storage.variant_processor` to
324
- `:vips`.
325
-
326
- *Janko Marohnić*
327
-
328
- * Rails 6 requires Ruby 2.5.0 or newer.
329
-
330
- *Jeremy Daer*, *Kasper Timm Hansen*
331
-
332
231
 
333
- Please check [5-2-stable](https://github.com/rails/rails/blob/5-2-stable/activestorage/CHANGELOG.md) for previous changes.
232
+ Please check [6-0-stable](https://github.com/rails/rails/blob/6-0-stable/activestorage/CHANGELOG.md) for previous changes.
data/MIT-LICENSE CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2017-2019 David Heinemeier Hansson, Basecamp
1
+ Copyright (c) 2017-2020 David Heinemeier Hansson, Basecamp
2
2
 
3
3
  Permission is hereby granted, free of charge, to any person obtaining
4
4
  a copy of this software and associated documentation files (the
data/README.md CHANGED
@@ -10,13 +10,13 @@ You can read more about Active Storage in the [Active Storage Overview](https://
10
10
 
11
11
  ## Compared to other storage solutions
12
12
 
13
- A key difference to how Active Storage works compared to other attachment solutions in Rails is through the use of built-in [Blob](https://github.com/rails/rails/blob/main/activestorage/app/models/active_storage/blob.rb) and [Attachment](https://github.com/rails/rails/blob/main/activestorage/app/models/active_storage/attachment.rb) models (backed by Active Record). This means existing application models do not need to be modified with additional columns to associate with files. Active Storage uses polymorphic associations via the `Attachment` join model, which then connects to the actual `Blob`.
13
+ A key difference to how Active Storage works compared to other attachment solutions in Rails is through the use of built-in [Blob](https://github.com/rails/rails/blob/master/activestorage/app/models/active_storage/blob.rb) and [Attachment](https://github.com/rails/rails/blob/master/activestorage/app/models/active_storage/attachment.rb) models (backed by Active Record). This means existing application models do not need to be modified with additional columns to associate with files. Active Storage uses polymorphic associations via the `Attachment` join model, which then connects to the actual `Blob`.
14
14
 
15
15
  `Blob` models store attachment metadata (filename, content-type, etc.), and their identifier key in the storage service. Blob models do not store the actual binary data. They are intended to be immutable in spirit. One file, one blob. You can associate the same blob with multiple application models as well. And if you want to do transformations of a given `Blob`, the idea is that you'll simply create a new one, rather than attempt to mutate the existing one (though of course you can delete the previous version later if you don't need it).
16
16
 
17
17
  ## Installation
18
18
 
19
- Run `rails active_storage:install` to copy over active_storage migrations.
19
+ Run `bin/rails active_storage:install` to copy over active_storage migrations.
20
20
 
21
21
  NOTE: If the task cannot be found, verify that `require "active_storage/engine"` is present in `config/application.rb`.
22
22
 
@@ -55,7 +55,7 @@ url_for(user.avatar)
55
55
 
56
56
  class AvatarsController < ApplicationController
57
57
  def update
58
- # params[:avatar] contains a ActionDispatch::Http::UploadedFile object
58
+ # params[:avatar] contains an ActionDispatch::Http::UploadedFile object
59
59
  Current.user.avatar.attach(params.require(:avatar))
60
60
  redirect_to Current.user
61
61
  end
@@ -106,6 +106,37 @@ Variation of image attachment:
106
106
  <%= image_tag user.avatar.variant(resize_to_limit: [100, 100]) %>
107
107
  ```
108
108
 
109
+ ## File serving strategies
110
+
111
+ Active Storage supports two ways to serve files: redirecting and proxying.
112
+
113
+ ### Redirecting
114
+
115
+ Active Storage generates stable application URLs for files which, when accessed, redirect to signed, short-lived service URLs. This relieves application servers of the burden of serving file data. It is the default file serving strategy.
116
+
117
+ When the application is configured to proxy files by default, use the `rails_storage_redirect_path` and `_url` route helpers to redirect instead:
118
+
119
+ ```erb
120
+ <%= image_tag rails_storage_redirect_path(@user.avatar) %>
121
+ ```
122
+
123
+ ### Proxying
124
+
125
+ Optionally, files can be proxied instead. This means that your application servers will download file data from the storage service in response to requests. This can be useful for serving files from a CDN.
126
+
127
+ Explicitly proxy attachments using the `rails_storage_proxy_path` and `_url` route helpers:
128
+
129
+ ```erb
130
+ <%= image_tag rails_storage_proxy_path(@user.avatar) %>
131
+ ```
132
+
133
+ Or configure Active Storage to use proxying by default:
134
+
135
+ ```ruby
136
+ # config/initializers/active_storage.rb
137
+ Rails.application.config.active_storage.resolve_model_to_route = :rails_storage_proxy
138
+ ```
139
+
109
140
  ## Direct uploads
110
141
 
111
142
  Active Storage, with its included JavaScript library, supports uploading directly from the client to the cloud.
@@ -120,7 +151,8 @@ Active Storage, with its included JavaScript library, supports uploading directl
120
151
  ```
121
152
  Using the npm package:
122
153
  ```js
123
- require("@rails/activestorage").start()
154
+ import * as ActiveStorage from "@rails/activestorage"
155
+ ActiveStorage.start()
124
156
  ```
125
157
  2. Annotate file inputs with the direct upload URL.
126
158
 
@@ -5,4 +5,15 @@ class ActiveStorage::BaseController < ActionController::Base
5
5
  include ActiveStorage::SetCurrent
6
6
 
7
7
  protect_from_forgery with: :exception
8
+
9
+ self.etag_with_template_digest = false
10
+
11
+ private
12
+ def stream(blob)
13
+ blob.download do |chunk|
14
+ response.stream.write chunk
15
+ end
16
+ ensure
17
+ response.stream.close
18
+ end
8
19
  end
@@ -0,0 +1,14 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Proxy files through application. This avoids having a redirect and makes files easier to cache.
4
+ class ActiveStorage::Blobs::ProxyController < ActiveStorage::BaseController
5
+ include ActiveStorage::SetBlob
6
+ include ActiveStorage::SetHeaders
7
+
8
+ def show
9
+ http_cache_forever public: true do
10
+ set_content_headers_from @blob
11
+ stream @blob
12
+ end
13
+ end
14
+ end
@@ -4,11 +4,11 @@
4
4
  # Note: These URLs are publicly accessible. If you need to enforce access protection beyond the
5
5
  # security-through-obscurity factor of the signed blob references, you'll need to implement your own
6
6
  # authenticated redirection controller.
7
- class ActiveStorage::BlobsController < ActiveStorage::BaseController
7
+ class ActiveStorage::Blobs::RedirectController < ActiveStorage::BaseController
8
8
  include ActiveStorage::SetBlob
9
9
 
10
10
  def show
11
11
  expires_in ActiveStorage.service_urls_expire_in
12
- redirect_to @blob.service_url(disposition: params[:disposition])
12
+ redirect_to @blob.url(disposition: params[:disposition])
13
13
  end
14
14
  end
@@ -5,11 +5,13 @@
5
5
  # Always go through the BlobsController, or your own authenticated controller, rather than directly
6
6
  # to the service URL.
7
7
  class ActiveStorage::DiskController < ActiveStorage::BaseController
8
+ include ActiveStorage::FileServer
9
+
8
10
  skip_forgery_protection
9
11
 
10
12
  def show
11
13
  if key = decode_verified_key
12
- serve_file disk_service.path_for(key[:key]), content_type: key[:content_type], disposition: key[:disposition]
14
+ serve_file named_disk_service(key[:service_name]).path_for(key[:key]), content_type: key[:content_type], disposition: key[:disposition]
13
15
  else
14
16
  head :not_found
15
17
  end
@@ -20,7 +22,7 @@ class ActiveStorage::DiskController < ActiveStorage::BaseController
20
22
  def update
21
23
  if token = decode_verified_token
22
24
  if acceptable_content?(token)
23
- disk_service.upload token[:key], request.body, checksum: token[:checksum]
25
+ named_disk_service(token[:service_name]).upload token[:key], request.body, checksum: token[:checksum]
24
26
  else
25
27
  head :unprocessable_entity
26
28
  end
@@ -32,30 +34,16 @@ class ActiveStorage::DiskController < ActiveStorage::BaseController
32
34
  end
33
35
 
34
36
  private
35
- def disk_service
36
- ActiveStorage::Blob.service
37
+ def named_disk_service(name)
38
+ ActiveStorage::Blob.services.fetch(name) do
39
+ ActiveStorage::Blob.service
40
+ end
37
41
  end
38
42
 
39
-
40
43
  def decode_verified_key
41
44
  ActiveStorage.verifier.verified(params[:encoded_key], purpose: :blob_key)
42
45
  end
43
46
 
44
- def serve_file(path, content_type:, disposition:)
45
- Rack::File.new(nil).serving(request, path).tap do |(status, headers, body)|
46
- self.status = status
47
- self.response_body = body
48
-
49
- headers.each do |name, value|
50
- response.headers[name] = value
51
- end
52
-
53
- response.headers["Content-Type"] = content_type || DEFAULT_SEND_FILE_TYPE
54
- response.headers["Content-Disposition"] = disposition || DEFAULT_SEND_FILE_DISPOSITION
55
- end
56
- end
57
-
58
-
59
47
  def decode_verified_token
60
48
  ActiveStorage.verifier.verified(params[:encoded_token], purpose: :blob_token)
61
49
  end